🕵️

Bug Bounty Program

The Scope

At Visor, we passionately pursue seamless and delightful experiences for our customers. This means that our UX runs smoothly, our integrations are the best in the market, and we have the most robust security. In order to ensure this, we have launched Visor’s Bug Bounty Program, where we reward users for finding any bugs or vulnerabilities within the platform.

Quick Disclosure

Please allow us time to review the bug or vulnerability and rectify it. It might take us a few days to review a finding, and we might have further questions before rewarding a participant for their work.

We require that all submissions remain confidential and are not be disclosed to anyone outside of the Visor team. This includes third parties, colleagues, or as part of a review on review sites.

Who is Qualified for the Bug Bounty Program?

Anyone who currently has a Visor account can participate in the bug bounty program.

Where in the Visor Platform

There are three areas of the platform where participants of the Bug Bounty Program can hunt:

  • User Experience: Anywhere within Visor’s front-end system. Participants can hunt for bugs across Visor’s UX.
  • Integrations: Users can hunt for bugs throughout all of Visor’s integration functionalities. This includes integrating to an app importing, syncing, and editing imported data within the Visor platform.
  • Security: Vulnerabilities that directly or indirectly affect the confidentiality or integrity of user data or privacy

Bug Requirements

  • A bug should be described for the first time and should not have been reported before. Duplicated issues are not eligible for a reward. If a bug has already been found by a Visor team member or another participant, it will not qualify.
  • A bug report should have a detailed description and scenario for reproduction. A participant can also add a recorded video that demonstrates the bug in question.
  • When writing the description about the bug in the UX or Integrations section, we suggest participants write in the following structure:
    • What I was trying to do
    • What happened
    • What I expected to happen

Where to Report a Bug

When reporting a bug, there are two options for a participant to share their findings with the Visor team:

  • The preferred option is by reporting the bug in the feedback window. This can be accessed when you are logged into your account and click on the feedback button, which is located on the top right corner of your screen. Please note the examples below:

image

image

Rewards for Bounty

Rewards will be paid in Amazon gift cards based on the severity of the bug or vulnerability. Rewards will be decided on a case-by-case basis. Most UX and integration bugs will be worth a $20 bounty. Security vulnerabilities are generally awarded $300.

Let’s Begin the Hunt!